[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [ws-sx] PR Issue 4: Categorization of SCT references is unclear
I think your first point is correct and should have been caught earlier. I agree with your proposal to: Change Lines 1026-1027 from references from within the <wsse:Security> element to a token also within the <wsse:Security> element to references from within the <wsse:Security> element I can see where the confusion around treating the RST/RSTR the same as the <wsse:Security> header comes from. I agree some clarifying text would be appropriate. I suggest adding the following sentence after the end of the sentence on line 1040: "A reference from the RST/RSTR is treated differently than other references from the SOAP Body as the RST/RSTR is exclusively dealing with security related information similar to the <wsse:Security> element." -----Original Message----- From: NISHIMURA Toshihiro [mailto:nishimura.toshi@jp.fujitsu.com] Sent: Friday, November 10, 2006 1:30 AM To: ws-sx@lists.oasis-open.org Cc: Marc Goodner Subject: NEW Issue: Categorization of SCT references is unclear PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has occurred. Protocol: ws-sc ws-secureconversation-1.3-spec-cd-01 http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/ws-secureconversation-1.3-spec-cd-01.pdf Artifact: spec Type: design Title: Categorization of SCT references is unclear Description: In the first paragraph in Chapter 8 (Lines 1025-1031), references to SCT are divided into two categories: [a] references from within the <wsse:Security> element to a token also within the <wsse:Security> element [b] references from other parts of the SOAP envelope And then references within the <wsse:Security> element are divided into two subcategories : [a-1] reference (from within the <wsse:Security> element) to an SCT found within the message [a-2] references (from within the <wsse:Security> element) to a SCT not present in the message [a] can not diveded into [a-1] and [a-2], because [a] is "reference to a token within the <wsse:Security> element". I think [a] is intended to say just "references from within the <wsse:Security>" Later paragraphs in Chapter 8 describes three categories as follows: [A] reference from within the <wsse:Security> element or from an RST or RSTR (Lines 1040-1042) [B] reference from outside the <wsse:Security> element to SCT located in the <wsse:Security> element (Lines 1044-1047) [C] reference from within the <wsse:Security> element to SCT not present in the message (Lines 1049-1051) [A],[B] and [C] corresponds to [a-1], [b] and [a-2] except [A] mentions about RST and RSTR. I'd like to know the reason why reference from RST/RSTR is not categorized to [B]. I hope the reason will be described in the spec. Related issues: none Proposed Resolution: Change Lines 1026-1027 from references from within the <wsse:Security> element to a token also within the <wsse:Security> element to references from within the <wsse:Security> element And add some description about reference from RST/RSTR around Line 1040. --- NISHIMURA Toshihiro (FAMILY Given) nishimura.toshi@jp.fujitsu.com STRATEGY AND TECHNOLOGY DIV., SOFTWARE UNIT, FUJITSU LIMITED
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]